Committee for the Protection of Human Subjects

The Committee for the Protection of Human Subjects (CPHS) serves as the institutional review board (IRB) for the California Health and Human Services Agency (CHHSA). The role of the CPHS and other IRBs is to assure that research involving human subjects is conducted ethically and with minimum risk to participants.

IMPORTANT – ADVERSE EVENT/UNANTICIPATED PROBLEMS REPORTING REQUIREMENTS:Adverse Events, Unanticipated Problems, Data Security Breaches, and Protocol Deviations are submitted via a Report Form on IRBmanager. Report Forms can only be accessed on IRBManager. For additional information, please view our FAQs section on how to submit an Adverse Event/Unanticipated Problems Form or call the CPHS main line at (916) 326-3661 for assistance.

The Federalwide Assurance is the formal agreement between the California Health and Human Services Agency (CHHSA) and the United States Department of Health and Human Services (DHHS) stipulating that all research conducted within the jurisdiction of the CHHSA will be reviewed by the Committee for the Protection of Human Subjects in accordance with the ethics and procedures designated in the Common Rule.

The CPHS operates under the terms of Federalwide Assurance (FWA) 00000681 (pdf) signed in October 2011 with the U.S. Department of Health and Human Services, and conducts business, as appropriate, in compliance with the:

Common Rule

The Common Rule (45 CFR Part 46 of the Code of Federal Regulations), regulates ethics for research projects involving human subjects that are funded by the United States Department of Health and Human Services and many other federal departments. It also provides specific requirements for the form and function of institutional review boards (IRBs). The Committee for the Protection of Human Subjects operates in compliance with the Common Rule in reviewing human subjects research regardless of the funding source and promotes the high ethical principles contained in the Common Rule.

Federal Food and Drug Administration

The Federal Food and Drug Administration (FDA) regulates clinical investigations involving food, drugs, medical devices, and biological products for human use. As a federally-chartered institutional review board, the Committee for the Protection of Human Subjects reviews such research in accordance with FDA regulations 21 CFR Parts 50 and 56.

HIPAA Privacy Rule

The Privacy Rule of the Health Insurance Portability and Accountability Act (45 CFR Part 160)protects personal health information by designating that it may not be released for research purposes unless the patient has signed an authorization or an institutional review board (or privacy board) has approved a waiver of a signed patient authorization. The Committee for the Protection of Human Subjects (CPHS) reviews requests for waivers of patient authorization in accordance with the HIPAA Privacy Rule.

Sections 24170-24179.5 delineate State law regarding the rights of human subjects participating in medical experiments. This includes: the “Experimental Subject’s Bill of Rights,” required elements of informed consent, and consent by surrogate decision makers.

Birth Certificate Data

Sections 102425-102475 delineate state law regarding the collection and release of information on birth certificates, including the responsibilities of the State Registrar and the Committee for the Protection of Human Subjects.

Death Certificate Data

Section 102231(a)(3) states that “Death data files for public release shall not contain the mother’s maiden name and social security number.” Section 102231(a)(5) states, “Death data files containing personal identifying information may be released to persons expressing a valid scientific interest, as determined by the appropriate committee constituted for the protection of human subjects that is approved by the United States Department of Health and Human Services an has a general assurance pursuant to Part 46 (commencing with Section 46.101) of Title 45 of the Code of Federal Regulations.” The full text of these and related statutes are contained in Sections 102175-102249.

The California Health and Human Services Agency (CHHSA) established the Committee for the Protection of Human Subjects (CPHS), an institutional review board, in July 1976. The Health and Human Services Agency is bound by the terms of the Federalwide Assurance (FWA) 00000681 signed in June 2001 with the U.S. Department of Health and Human Services (DHHS), Office for Human Research Protections. The CPHS is the only Institutional Review Board (IRB) empowered by the California Health and Human Services Agency.

The CPHS operates under the terms of Federalwide Assurance (FWA) 00000681 signed in June 2001 with the U.S. Department of Health and Human Services, and conducts business, as appropriate, in compliance with the:

In compliance with the Federalwide Assurance, the CPHS is obligated to review all research involving human subjects, regardless of funding source, meeting any of the following criteria:

Research sponsored by the California Health and Human Services Agency (CHHSA) or any of its departments.

Research conducted by or under the direction of any employee or agent of the CHHSA or any of its departments.

Research using personally identifiable data held by the CHHSA or any of its departments.

Research involving subjects for whom the CHHSA or any of its departments have direct responsibility, such as patients in State hospitals.

The California Information Practices Act (SB13) (effective January 1, 2006) requires CPHS review and approval before personal information (linkable to any individual) that is held by any state agency or department can be released for research purposes.

The CPHS will engage in formal agreements to serve as the institution review board for other institutions in California with current Federalwide Assurances in place. Reciprocity arrangements to enable other institutional review boards to approve projects for the CPHS under the Federal Common rule will be considered on a case-by-case basis. The CPHS does not delegate reviews for compliance with the California Information Practices Act, Civil Code, Section 1798.24 (SB13) to other institutional review boards.

The Committee for the Protection of Human Subjects (CPHS) serves as the institutional review board (IRB) for the California Health and Human Services Agency (CHHSA). The role of the CPHS and other IRBs is to assure that research involving human subjects is conducted ethically and with minimum risk to participants.

“Respect for persons incorporates at least two ethical convictions: first, that individuals should be treated as autonomous agents, and second, that persons with diminished autonomy are entitled to protection. The principle of respect for persons thus divides into two separate moral requirements: the requirement to acknowledge autonomy and the requirement to protect those with diminished autonomy.”

“Persons are treated in an ethical manner not only by respecting their decisions and protecting them from harm, but also by making efforts to secure their well-being. Two general rules have been formulated as complementary expressions of beneficent actions in this sense: (1) do not harm and (2) maximize possible benefits and minimize possible harms.”

“The selection of research subjects needs to be scrutinized in order to determine whether some classes (e.g., welfare patients, particular racial and ethnic minorities, or persons confined to institutions) are being systematically selected simply because of their easy availability, their compromised position, or their manipulability, rather than for reasons directly related to the problem being studied. Finally, whenever research supported by public funds leads to the development of therapeutic devices and procedures, justice demands both that these not provide advantages only to those who can afford them and that such research should not unduly involve persons from groups unlikely to be among the beneficiaries of subsequent applications of the research.”

CPHS is the institutional review board (IRB) for all of the departments under the California Health and Human Services Agency (CHHSA). See Instructions, page 8 for a list of departments under CHHSA. CPHS is also the IRB required to review all research-related requests for state personal information to the University of California and non-profit educational institutions. CPHS must also approve research requests for Death Data from the California Department of Public Health.

CPHS has transitioned to a new electronic protocol submission and approval system, IRBManager. View the IRBManager Manual for Researchers for technical information and screen shots about registering for and utilizing this system.

Depending on the type of research being executed, review may be conducted at a convened meeting of CPHS or completed on an expedited basis. Expedited reviews may have one to three reviewers. Most projects that have any contact with human subjects, such as a survey or collection of specimens, must be initially approved at a convened meeting. If they are deemed to be minimal risk, all subsequent reviews may be done on an expedited basis. All data-only projects are approved on an expedited basis.

CPHS meetings are held on the first Friday of even-numbered months (February, April, June, August, October, and December) from 8:30 AM to 5:00 PM. Meetings are held in Sacramento at 2020 West El Camino Avenue, Sacramento, CA. The schedule and location of upcoming meetings and the agendas for those meetings are available on OSHPD’s Public Meeting page. Researchers are encouraged to appear in person, but may attend by telephone if arrangements are made in advance with the CPHS Administrator. All meetings are open to the public and conducted in compliance with the Bagley-Keene Open Meeting Act.

The 13 CPHS members are volunteers who are appointed by the Secretary of the California Health and Human Services Agency (CHHSA). Members are chosen for their expertise in differing fields of research and abilities to represent and understand the needs of diverse research subjects, particularly those who may be vulnerable due to factors such as age, socio-economic status, ethnicity, or medical conditions. Detailed information about current CPHS members is available in the CPHS Members section.

CPHS (Committee for the Protection of Human Subjects) is the Institutional Review Board (IRB) for all of the departments under the California Health and Human Services Agency. As such, the IRB is required to review all research-related requests for state personal identifiable information from the University of California and non-profit educational institutions.

What is defined as research?

According to CFR 46.102, research is defined as a systematic investigation, including research development, testing and evaluation, designed to contribute to generalizable knowledge. Activities, which meet this definition, constitute research for purposes of this policy whether or not they are conducted or supported under a program, which is considered research for other purposes. For example, some demonstration and service programs may include research activities. Therefore, this project will require CPHS’ review.

If a project falls under any of these parameters, it will require CPHS’ review and approval.

What is defined as non-research?

An exemption for non-research can be approved based on the following:

FDA evaluation

Public health practice/surveillance

Program evaluation

Resource utilization review

What is defined as Exempt Research?

An Exemption for Research can be approved based on the following:

Research involving analysis/study of existing data

Research involving data which is publicly available

No identifiable data is being requested from any of the CHHSA departments

CPHS staff screens all protocols before assigning it to a Reviewer(s). If the protocol is incomplete or missing documents, CPHS staff returns the protocol to the Primary Investigator (PI) using the “Notes” feature. Once the protocol is received with the correction, staff will re-screen and assign to a Reviewer(s). If the Reviewer(s) needs any clarifications on the information provided, the Reviewer uses the “Notes” feature to communicate with the Primary Investigator (PI). Once the Primary Investigator (PI) receives the note in IRBManager, the Researcher is able to edit the protocol.

When will I be notified that my Adverse Event Review has been approved?

The Committee Chair, Vice Chair and the Reviewer review each Adverse Event Report as soon as it is received. Once it has been reviewed and recommended for approval, the Report is scheduled onto the next Committee’s public meeting date. At the meeting, the Reviewer provides a brief summary of the event report and the corrective steps taken by the Primary Investigator (PI). The Committee votes to approve or disapprove the report. Upon the Committee’s decision of the report, CPHS staff releases the appropriate letter via IRBManager within ten business days after the meeting.

Initiate an Amendment to the protocol and attach the PIs and Co-PIs curriculum vitae.

How can I update my account information?

Once your account is created, you will be required to contact CPHS staff for any changes except for your password. If the need arises, to change/reset passwords, go to the “IRBManager page” and click on the “Forgot Password” option at the lower right of the screen.

If the personnel or email address associated with your project have changed, an amendment must be initiated and submitted to CPHS via IRBManager. These types of changes will be reviewed on an Expedited basis. For these types of revisions, an Expedited basis is reviewed within ten business days after submission.

If projects are submitted by the submission deadline, they are approved on that cycles’ meeting date. (Note: All projects are reviewed for quality and completeness of the application).

Special considerations: Determination requests and amendments can be approved at any time. New Expedited projects can be approved within five to ten business days after the CPHS public meeting. Projects presented to the CPHS Committee receive approval or deferred approval letters within five to ten business days after the CPHS public meeting. Deferred projects will not receive an approval letter until all revisions are approved by a subcommittee. The subcommittee also determines if the project requires to be re-evaluated by all the members.

I have submitted my IRBManager application. What is the next step?

CPHS staff screens all protocols before it is assigned to a Reviewer(s). If the protocol is incomplete or it has missing documents, CPHS staff returns the protocol to the Primary Investigator (PI) using the “Notes” feature in IRBManager. The Primary Investigator (PI) addresses the concerns and returns the protocol using the “Notes” feature. Once the protocol has successfully passed screening, it is assigned to a Reviewer(s). Should the Reviewer require any clarifications, he/she will send a note via IRBManager to the Primary Investigator (PI). The Primary Investigator (PI) and all personnel listed on the protocol receive a system generated email message. Once this message is received, the protocol can be edited. Once the revisions are completed, the Primary Investigator (PI) returns a note on IRBManager and returns the protocol to CPHS by clicking “Save” and “Done”. If the application meets all the requirements, the Reviewer recommends approval. All approval letters are released after the CPHS public meeting dates. For meeting dates and submittal dates, visit the CPHS homepage

What is the renewal window period for Continuing Renewals?

Continuing Renewal reviews can be started and submitted for protocols 60 days prior to the project’s Primary Investigator (PI) expiration date. Once the protocol’s expiration date is reached, Researchers can no longer start or submit Continuing Renewal reviews.

What is a submission deadline?

Submission deadlines are set one month prior to the CPHS public meeting date. During this time period, CPHS staff screens and processes and assigns all protocols to the Reviewers before the public meeting date.

What is an expiration date?

Expiration dates are set a year from the project’s current approval date. Most projects are approved for one year.

All data security questions must be answered on Cal Protects. If a question does not apply to your protocol, indicate your response as “N/A.” Do not leave any questions blank.

The Data Security Letter must be signed by your organization/department’s Chief Information Officer, Privacy Officer, Security Officer or an equivalent position. This letter is required to be attached to your online protocol prior to its approval. If there is a delay in obtaining this document, you will need to contact CPHS staff for assistance.

How often do I have to update my Data Security letter?

The Data Security Letter must be updated whenever there is an amendment that led to the change of personnel. This includes Primary Investigator (PI) RO, Chief Information Officer, Privacy Officer, Security Officer, or an equivalent position.

Who can sign the Data Security Letter?

The Data Security Letter MUST be signed by your organization/departments Chief Information Officer, Privacy Officer, Security Officer or an equivalent position.

(Note: The Primary Investigator (PI) CANNOT sign the Data Security Letter. All letters that are not signed by the appropriate officer will not be valid.)

It is mandatory for the Principal Investigator (PI) and Responsible Official (RO) to register on IRBManager prior to creating a protocol. If the project has other contacts, such as the Co-Principal Investigator (Co-PI), Administrative Contact and Other Contact, each individual must also register on IRBManager. This allows them to access and receive emails on the protocol.

Only personnel registered with Cal Protects User accounts linked to a protocol receive emails regarding said protocol. If your account is listed in a protocol’s Personnel Information section, but you are not receiving any email notifications, check the Spam folder of your email address and/or check with your organization’s IT department to inquire if your firewall is blocking the email from being received. If you are still not receiving notifications, please contact CPHS Staff at (916) 326-3660 or by email to request access to the project.

After you have submitted a Determination Request, CPHS staff screens for completeness and assigns the protocol to a CPHS Reviewer. If the CPHS Reviewer determines that the project is exempt, an approval for Exemption letter is released via IRBManager. An automatic system email notifying all personnel listed in the protocol is also released. However, if the project is determined to be Not Exempt the Determination Request is denied in IRBManager. (In addition, a detailed email stating the reason(s) and instructions on how to obtain CPHS approval is sent to the personnel listed in the protocol.)

What is the process to request a Determination of Non- Research/Exempt Research?

The registration process must be completed. Once you have registered, you will have access to complete a request for Determination of Non-Research/Exempt Research.

My project was determined to be presented at a CPHS Full Committee meeting, what are the next steps?

If a protocol requires Full Committee presentation, CPHS notifies the Researcher(s) that 14 hardcopies need to be mailed to CPHS, two to three weeks prior to the upcoming public meeting date. CPHS staff coordinates all the logistics with the Primary Investigator (PI), i.e., time, place, etc. The Primary Investigator (PI) is provided with an option to make a personal appearance or attend by teleconference on the day of the meeting.

How do I create a new project/protocol on IRBManager?

Once all the required individuals (at a minimum the Primary Investigator (PI) and the Responsible Official) have successfully registered, you are able to create a protocol.

In addition to providing the responses, the following documents must be uploaded under the “Attachments Section”:

I want to withdraw a project which has not been entered into IRBManager. What am I required to do?

Projects that are withdrawn from CPHS require the submission of the following documents:

A cover letter clearly summarizing the reasons for withdrawal of the project.

Include a description of the plan for the destruction or return of any data used in the study. If the data will be retained, include a justification.

Appropriate Project Forms: (Continuing Periodic Review Data Only or Human Subject Contact, Annual Report Form for Information Practices Act, or Death Data Only) found here. The box next to “Withdrawn” must be checked.

I completed a project which has not been entered into IRBManager. What am I required to do?

For completed projects, you are required to submit of the following documents:

A cover letter clearly summarizing any results and knowledge gained from the research project. Also include a description of the plan for the destruction or return of any data used in the study. If the data will be retained and include a justification.

Appropriate Project Forms: (Continuing Periodic Review Data Only or Human Subject Contact, Annual Report Form for Information Practices Act or Death Data Only) found here. The box next to “Completed” must be checked.

I received an email stating I have “Notes” on my project. What are Notes?

CPHS staff uses the “Notes” feature to communicate with the Primary Investigator (PI) or Co-Primary Investigator (Co- PI) to obtain clarification or obtain missing information/documents during the initial screening of the project. All documents and/or comments requested must be addressed before resubmitting to CPHS.

I received an email stating that the Reviewer has left a Note on my project. What are notes?

Once your project has successfully passed the screening process, the project is assigned to a Reviewer(s). The “Note” feature is used as the communication tool between the Reviewer and the Researcher. The Reviewer will initiate the “Note” feature to obtain clarifications on the projects.

Upon the Reviewer’s approval of your amendment, CPHS staff will release the approval via IRBManager. The email notification will contain the approval and instructions on how to obtain the project’s approval letter. The email is sent to all personnel listed on the project.

When will I be notified that my Continuing Renewal Review has been approved?

Researchers are notified of their Continuing Renewal Review approval on their project’s cycle meeting date.

Why do I have to wait until the CPHS meeting date to get my Approval Letter?

All projects are officially approved on IRBManager ten business days after the CPHS public meeting. This allows all projects

What is an Adverse Event/Unanticipated Problems? How do I report it to CPHS?

An Adverse Event/Unanticipated Problems entails unanticipated problems (including breach of data security) or adverse events involving risks to human subjects while the research is being conducted. A “Report Form” must be completed and submitted via IRBManager within 48 hours of the event. To file a report, you must log into IRBManager. Additionally, you must call CPHS staff at (916)326-3660 to notify them of the report submission.

A breach of data security occurred on my project, is this reportable?

A breach of data security is considered an unanticipated problem during the research. A “Report Form” must be completed and submitted via IRBManager within 48 hours of the event. To file a report, you first log into IRBManager. Select report form andn it will open a separate screen. Once the form has been submitted, you must call CPHS staff at (916)326-3660 to notify them of the report submission.